src/security/tpm/tss2.h

   1 /* SPDX-License-Identifier: BSD-3-Clause */
   2
   3 #ifndef TSS2_H_
   4 #define TSS2_H_
   5
   6 #include <types.h>
   7 #include <vb2_sha.h>
   8
   9 #include <security/tpm/tss/tcg-2.0/tss_structures.h>
  10 #include <security/tpm/tss_errors.h>
  11
  12 /*
  13  * TPM2-specific
  14  *
  15  * Some operations don't have counterparts in standard and are directly exposed
  16  * here.
  17  *
  18  * Other operations are applicable to both TPM versions and have wrappers which
  19  * pick the implementation based on version determined during initialization via
  20  * tlcl_lib_init().
  21  */
  22
  23 /*
  24  * Define a TPM2 space. The define space command TPM command used by the tlcl
  25  * layer offers the ability to use custom nv attributes and policies.
  26  */
  27 tpm_result_t tlcl2_define_space(uint32_t space_index, size_t space_size,
  28                                 const TPMA_NV nv_attributes,
  29                                 const uint8_t *nv_policy, size_t nv_policy_size);
  30
  31 /*
  32  * Issue TPM2_GetCapability command
  33  */
  34 tpm_result_t tlcl2_get_capability(TPM_CAP capability, uint32_t property,
  35                                   uint32_t property_count,
  36                                   TPMS_CAPABILITY_DATA *capability_data);
  37
  38 /* Issue TPM2_NV_SetBits command */
  39 tpm_result_t tlcl2_set_bits(uint32_t index, uint64_t bits);
  40
  41 /*
  42  * Makes tlcl2_process_command available for on top implementations of
  43  * custom tpm standards like cr50
  44  */
  45 void *tlcl2_process_command(TPM_CC command, void *command_body);
  46
  47 /* Return digest size of hash algorithm */
  48 uint16_t tlcl2_get_hash_size_from_algo(TPMI_ALG_HASH hash_algo);
  49
  50 /**
  51  * Set Clear Control. The TPM error code is returned.
  52  */
  53 tpm_result_t tlcl2_clear_control(bool disable);
  54
  55 /**
  56  * Make an NV Ram location read_only.  The TPM error code is returned.
  57  */
  58 tpm_result_t tlcl2_lock_nv_write(uint32_t index);
  59
  60 /**
  61  * Disable platform hierarchy. Specific to TPM2. The TPM error code is returned.
  62  */
  63 tpm_result_t tlcl2_disable_platform_hierarchy(void);
  64
  65 /*
  66  * Declarations for "private" functions which are dispatched to by tss/tss.c
  67  * based on TPM family.
  68  */
  69
  70 tpm_result_t tlcl2_save_state(void);
  71 tpm_result_t tlcl2_resume(void);
  72 tpm_result_t tlcl2_startup(void);
  73 tpm_result_t tlcl2_self_test_full(void);
  74 tpm_result_t tlcl2_read(uint32_t index, void *data, uint32_t length);
  75 tpm_result_t tlcl2_write(uint32_t index, const void *data, uint32_t length);
  76 tpm_result_t tlcl2_assert_physical_presence(void);
  77 tpm_result_t tlcl2_physical_presence_cmd_enable(void);
  78 tpm_result_t tlcl2_finalize_physical_presence(void);
  79 tpm_result_t tlcl2_force_clear(void);
  80 tpm_result_t tlcl2_extend(int pcr_num, const uint8_t *digest_data,
  81                           enum vb2_hash_algorithm digest_algo);
  82
  83 #endif /* TSS2_H_ */